<?php
ob_start();
session_start();

function __autoload($class_name) {
include './'.$class_name . '.php';
}
$generatedOrderId = NULL;
$buyerFirstname = $_GET['buyerFirstname'];
$buyerLastname = $_GET['buyerLastname'];
$buyerAddress1 = $_GET['buyerAddress1'];
$buyerAddress2 = $_GET['buyerAddress2'];
$buyerCity = $_GET['buyerCity'];
$buyerState = $_GET['buyerState'];
$buyerPincode = $_GET['buyerPincode'];
$buyerEmail = $_GET['buyerEmail'];
$buyerContactno = $_GET['buyerContactno'];
$cart = $_SESSION['cart'];

$emailRegex ="/^([0-9a-zA-Z]+([_.-]?[0-9a-zA-Z]+)*@[0-9a-zA-Z]+[0-9,a-z,A-Z,.,-]*(.){1}[a-zA-Z]{2,4})+$/";
$mobileRegex ="/^[0-9]\d{9}$/";
$alphaRegex ="/^[A-Za-z ]+$/"; 
$addressRegex ="/^[^ ].+$/";
$pinRegex ="/^[0-9]\d{5}$/";
$flag = false;
if(preg_match($emailRegex,$buyerEmail) === false || preg_match($emailRegex,$buyerEmail) === 0 ||
preg_match($addressRegex,$buyerAddress1) === false || preg_match($addressRegex,$buyerAddress1) === 0 || 
preg_match($alphaRegex,$buyerFirstname) === false || preg_match($alphaRegex,$buyerFirstname) === 0 ||
preg_match($alphaRegex,$buyerLastname) === false || preg_match($alphaRegex,$buyerLastname) === 0 ||
preg_match($alphaRegex,$buyerCity) === false || preg_match($alphaRegex,$buyerCity) === 0 ||
preg_match($alphaRegex,$buyerState) === false || preg_match($alphaRegex,$buyerState) === 0 ||
preg_match($pinRegex,$buyerPincode) === false || preg_match($pinRegex,$buyerPincode) === 0 ||
preg_match($mobileRegex,$buyerContactno) === false || preg_match($mobileRegex,$buyerContactno) === 0){
$flag = true;
}
if(is_null($cart) || $flag){
echo -1;		
ob_end_flush();
}else{

$orders = "";

		$count = $cart -> countOrder();
		$orderList = $cart -> getOrderList();
		for ($i = 0; $i < $count; $i++) {
			$myOrder = $orderList[$i];
			$orders = $orders."(".$myOrder->getProductId().",";
			$orders = $orders.$myOrder->getQuantity().",";
			$orders = $orders."'".$myOrder->getSize()."',";
			if($i != ($count-1)){
				$orders = $orders.$myOrder->getRate()."),";	
			}else {
				$orders = $orders.$myOrder->getRate().")";	
			}
		}

$host="localhost"; // Host name 
$username="hambaaco_app"; // Mysql username  
$password="sdfsiJdsf435jf"; // Mysql password 
$db_name="hambaaco_tshirts"; // Database name 

$mysqli = new mysqli($host, $username, $password, $db_name);
if ($mysqli->connect_errno) {
    die( "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
}

if (!$mysqli->query("DROP TABLE IF EXISTS hambaaco_temp.details_order") ||
    !$mysqli->query("create TEMPORARY TABLE hambaaco_temp.details_order(product_id BIGINT(50),quantity INT(5),cd_size varchar(1),price DOUBLE)") ||
    !$mysqli->query("INSERT INTO hambaaco_temp.details_order(product_id,quantity,cd_size,price) VALUES ".$orders)) {
    die( "Table creation failed: (" . $mysqli->errno . ") " . $mysqli->error);
}

if (!$mysqli->query("CALL hambaaco_tshirts.create_order('".$buyerFirstname."','".$buyerLastname."','".$buyerAddress1."','".$buyerAddress2."','".$buyerCity."','".$buyerState."','".$buyerPincode."','".$buyerEmail."','".$buyerContactno."',@orderid)")) {
   die( "CALL failed: (" . $mysqli->errno . ") " . $mysqli->error);
}

$orderId=$mysqli->query( 'select @orderid' );
while($row = $orderId->fetch_object())
{
$generatedOrderId = $row->{'@orderid'};
}
mysqli_close($mysqli);
$_SESSION['cart']=null;
echo $generatedOrderId;
}
ob_end_flush();
?>